Changing UID/GID when calling spawn/popen
If I am not wrong it seems that there is no way to properly drop all privileges when spawning a process with spawn/popen.
AFAIK, proper privilege dropping should be done after the fork() and before the exec() and there doesn't seem to be such functionality neither an hook like Python has.
process.c: uid gid exec options
- process.c (rb_execarg_addopt, rb_execarg_run_options): add :uid and :gid options. [Feature #6975]
#1 Updated by Nobuyoshi Nakada almost 3 years ago
- Description updated (diff)
- Category set to core
- Assignee set to akira yamada
Here is a patch
But I have no ideas how to test this feature.
#3 Updated by Nobuyoshi Nakada almost 3 years ago
- Status changed from Open to Closed
- % Done changed from 0 to 100